CC9 - Risk Mitigation

CC9 outlines the organization's requirement to identify, assess and mitigate risks that could affect the achievement of the Trust Services Criteria objectives. It calls for documented risk-mitigation strategies, implementation of appropriate controls and ongoing monitoring to ensure risks are reduced to acceptable levels.